DEV Community: Mohammad Saddan Hussain

How to host a website on GitHub with custom domain

Mohammad Saddan Hussain — Fri, 23 Dec 2022 11:27:03 +0000

In this article, we are going to learn how we can host a website on a GitHub page with a custom domain name.

I will upload my portfolio website on GitHub step by step.

First of all, we need to code your website and collect all the file and upload it to the GitHub repository.

If you don't know how to upload your code to the GitHub repository then let me know in the comment section, and I will write an article on the same.

Once the code is uploaded to the GitHub repository, Goto the same repository as shown in the below screenshot.

In the above screenshot, we can see a lot of repositories are there. I am going to upload myPortfolio website so I will click on the same.

Once we will click on the repository that we want to upload we will get to see a setting icon as shown in the below screenshot.

After clicking on the setting, we will find a section on the left side call pages. we will on that as shown in the below screenshot.

Once we click on pages, we will see a source, we need to click on the dropdown and select "Deploy from a branch" as shown in the below screenshot.

After that, we need to select the branch as the main and the folder as /(root) as shown in the below screenshot.

After selecting the branch and folder, we will save it.

Once it's saved, we will go to our GitHub account settings as shown below.

Then we will click on the pages on the left side as shown in the below screenshot.

When we click on pages, we will see a button called add a domain. we will click on that button as shown in the below screenshot.

After clicking on Add a domain button, we will see a field where we need to give the custom domain name that we would have purchased from GoDaddy or any other domain name provider.

In my case, I have purchased from GoDaddy and my custom domain name is hussaincode.in so, I have given the same name as shown in the below screenshot.

And then we can click on "Add a domain" button as shown above.

Once we will click on Add a domain button we will get some DNS TXT records as shown in the below screenshot that we need to add to our domain name provider like in my case on GoDaddy.

We will copy this hostname and TXT record value and will go to our domain name provider and find the domain name DNS record.

First, we will go to the GoDaddy website and log in through our id and click on my product as shown below.

Then we will go to the DNS of our domain name that we want to set up on the GitHub page as shown below.

Once we click on DNS, we will find all the DNS records. In that record, we need to add the TXT record as shown below.

After clicking on add, we need to select the TXT record and put the hostname and its value that we copied from the GitHub TXT record during adding a domain.

Once it's done we will save it and look for the CNAME record in the DNS if it's there we need to edit it and if it's not there we need to add the CNAME record and give the value as "hussaincode.github.io" where hussaincode is my username, you can check your username from your GitHub profile and change it accordingly.

Select all the values same as shown below just change the hussaincode with your username.

We will check all the values if it's correct we will save them and then we will look for the "A" record in the DNS and give the value from this GitHub documentation as shown below.

After that, we will save this and come back to our repository settings again and will go to the pages.

And then at last we can see the custom domain field is there, we will give our custom domain name in that field and save it as shown below.

It will show as a DNS check in progress. We will wait for some time and it will show as the DNS check is successful as shown below

Once DNS is successful, our website will go live. we can check on our custom domain our website will be up and running.

In my case, my site hussaincode.in is up and running as shown in the below screenshot.

Hurray, Our site is up and running using GitHub pages without and hosting coast.

If you have any doubt or get stuck at any point, comment it and I will try to help as much as possible.

Thank you all for reading this article, Hope it helps.

Most Commonly Asked DSA Question in Interview - 2022

Mohammad Saddan Hussain — Mon, 28 Feb 2022 07:17:55 +0000

Most Commonly Asked DSA Question in Interview - 2022

Hussain Code

·Feb 18, 2022·

7 min read

Subscribe to my newsletter and never missmy upcoming articles

1) What is Data Structure?
2) What are the applications of Data Structure?
3) Tell us about linked list.
4) Give us one advantage of linked list?
5) What is the difference between PUSH and POP?
6) Where is data structure majorly used?
7) Are linked lists considered linear or non-linear data structures?
8) What do you mean by LIFO?
9) What are the various operations that can be performed on different Data Structures?
10) Which Data Structure Should be used for implementing LRU cache?
11) What are the advantages of Linked List over an array?
12) Tell us something about binary trees.
15) What exactly do you mean by merge sort?
16) What is the least number of nodes that a binary tree can have?
17) What are the scenarios in which an element can be inserted into the circular queue?
18) What do you know about stack?
- 19) What is a dequeue?
- 20) Define the graph data structure?
- 21) Which data structures are used in BFS and DFS algorithm?
- 22) What are the applications of Graph data structure?

The tech interview stage of a job requires a thorough preparation before you can impress the interviewer. Right from knowing everything about the technical subject to apprising the interviewers about your previous achievements and projects, you are required to do everything that can convince them about your knowledge and skills.

In this article, we have prepared a list of most frequently asked Data Structure interview questions and answers.

1) What is Data Structure?

Data structure is a fundamental concept of any programming language, essential for algorithmic design.
It is used for the efficient organization and modification of data.
DS is how data and the relationship amongst different data is represented, that aids in how efficiently various functions or operations or algorithms can be applied.

2) What are the applications of Data Structure?

Data structures form the core foundation of software programming as any efficient algorithm to a given problem is dependent on how effectively a data is structured.

Identifiers look ups in compiler implementations are built using hash tables.
The B-trees data structures are suitable for the databases implementation.

Some of the most important areas where data structures are used are as follows:

Artificial intelligence
Compiler design
Machine learning
Database design and management
Blockchain
Numerical and Statistical analysis
Operating system development
Image & Speech Processing
Cryptography

3) Tell us about linked list.

A linked list can be defined as a chain of nodes wherein each node is connected to the next one.

4) Give us one advantage of linked list?

One inherent advantage of linked list is that it is very easy to modify irrespective of the number of elements that are there in the list.

5) What is the difference between PUSH and POP?

PUSH and POP operations specify how data is stored and retrieved in a stack.

PUSH: PUSH specifies that data is being "inserted" into the stack.

POP: POP specifies data retrieval. It means that data is being deleted from the stack.

6) Where is data structure majorly used?

Simplistically speaking, data structures are involved in all areas when data is engaged. Some of the prominent areas where it is applied are artificial intelligence, database management, statistical analysis, etc.

7) Are linked lists considered linear or non-linear data structures?

A linked list is considered both linear and non-linear data structure depending upon the situation.

On the basis of data storage, it is considered as a non-linear data structure.
On the basis of the access strategy, it is considered as a linear data-structure.

8) What do you mean by LIFO?

LIFO stands for Last In First Out. It means that the data which was stored last would be the first one to be extracted.

9) What are the various operations that can be performed on different Data Structures?

Insertion ? Add a new data item in the given collection of data items.
Deletion ? Delete an existing data item from the given collection of data items.
Traversal ? Access each data item exactly once so that it can be processed.
Searching ? Find out the location of the data item if it exists in the given collection of data items.
Sorting ? Arranging the data items in some order i.e. in ascending or descending order in case of numerical data and in dictionary order in case of alphanumeric data.

10) Which Data Structure Should be used for implementing LRU cache?

We use two data structures to implement an LRU Cache.
Queue which is implemented using a doubly linked list. The maximum size of the queue will be equal to the total number of frames available (cache size). The most recently used pages will be near rear end and least recently pages will be near front end.
A Hash with page number as key and address of the corresponding queue node as value. See How to implement LRU caching scheme? What data structures should be used?

11) What are the advantages of Linked List over an array?

The size of a linked list can be incremented at runtime which is impossible in the case of the array.
The List is not required to be contiguously present in the main memory, if the contiguous space is not available, the nodes can be stored anywhere in the memory connected through the links.
The List is dynamically stored in the main memory and grows as per the program demand while the array is statically stored in the main memory, size of which must be declared at compile time.
The number of elements in the linked list are limited to the available memory space while the number of elements in the array is limited to the size of an array.

12) Tell us something about binary trees.

A binary tree is a form of data structure. It has two nodes, namely the left node and the right node.

13) How to check if a given Binary Tree is BST or not?

If in order traversal of a binary tree is sorted, then the binary tree is BST. The idea is to simply do in order traversal and while traversing keep track of previous key value. If current key value is greater, then continue, else return false. See A program to check if a binary tree is BST or not for more details.

14) What is a queue?

A queue is a form of data structure that induces a list of data. In this form of structure, the old elements are removed from one end while the new ones keep getting added to the other end.

15) What exactly do you mean by merge sort?

In merge sort, adjacent data elements are merged into one to form a bigger list. These lists are further merged into another big list and the process keeps happening until a single list is obtained.

16) What is the least number of nodes that a binary tree can have?

A binary tree can have zero nodes as the least number. Further, the number can be increased to 1 or 2 nodes.
Data structure is a large concept. A range of questions can be extracted from this data storage model. Keeping that in mind, we have another set of questions below that you should prepare for the interview.

17) What are the scenarios in which an element can be inserted into the circular queue?

If (rear + 1)% maxsize = front, the queue is full. In that case, overflow occurs and therefore, insertion can not be performed in the queue.
If rear != max - 1, the rear will be incremented to the mod(maxsize) and the new value will be inserted at the rear end of the queue.
If front != 0 and rear = max - 1, it means that queue is not full therefore, set the value of rear to 0 and insert the new element there.

18) What do you know about stack?

In stack, the newest data element is accessed first. As the name suggests, all old elements are pushed downwards leaving the last added one on the top.

19) What is a dequeue?

Dequeue (also known as double-ended queue) can be defined as an ordered set of elements in which the insertion and deletion can be performed at both the ends, i.e. front and rear.

20) Define the graph data structure?

A graph G can be defined as an ordered set G(V, E) where V(G) represents the set of vertices and E(G) represents the set of edges which are used to connect these vertices. A graph can be seen as a cyclic tree, where the vertices (Nodes) maintain any complex relationship among them instead of having parent-child relations.

21) Which data structures are used in BFS and DFS algorithm?

In BFS algorithm, Queue data structure is used.
In DFS algorithm, Stack data structure is used.

22) What are the applications of Graph data structure?

The graph has the following applications:

Graphs are used in circuit networks where points of connection are drawn as vertices and component wires become the edges of the graph.
Graphs are used in transport networks where stations are drawn as vertices and routes become the edges of the graph.
Graphs are used in maps that draw cities/states/regions as vertices and adjacency relations as edges.
Graphs are used in program flow analysis where procedures or modules are treated as vertices and calls to these procedures are drawn as edges of the graph.

Some Extra questions for your preparation :

• What do you understand by dynamic data structures?
• Differentiate between Null and Void
• Cite the difference between Stack and Array.
• How would you define dequeue?
• Tell us about the working of a selection list.
• What do you know about graph?
• What exactly is an AVL tree?
• Do you know anything about Huffman’s algorithm?
• Tell us about recursive algorithm.

While appearing for your interview, Be confident and approach the day with an optimistic outlook. Present yourself with smile and take your time to think about the solutions, do not hurry yourself.

Thanks for the reading. All the best!

Share this

Java Solution to leetcode problem 1572. Matrix Diagonal Sum

Mohammad Saddan Hussain — Mon, 28 Feb 2022 05:13:10 +0000

Java Solution to leetcode problem 1572. Matrix Diagonal Sum

Hussain Code

·Feb 28, 2022·

1 min read

Subscribe to my newsletter and never missmy upcoming articles

Given a square matrix mat, return the sum of the matrix diagonals.

Only include the sum of all the elements on the primary diagonal and all the elements on the secondary diagonal that are not part of the primary diagonal.

Input:mat= [[1,2,3],
              [4,5,6],
              [7,8,9]]Output:25Explanation: Diagonals sum:1+5+9+3+7=25Noticethatelementmat[1][1]=5iscountedonlyonce.

Leetcode question link - leetcode.com/problems/matrix-diagonal-sum

Solution :-

public class Q15 {public static void main(String[] args) {int[][] mat={{1,2,3},
                {4,5,6},
                {7,8,9}};
        System.out.println(diagonalSum(mat));
    }
    static int diagonalSum(int[][] mat) {int n = mat.length;int principal =0, secondary =0;for (int i =0; i &lt; n; i++) {
            principal += mat[i][i];
            secondary += mat[i][n - i -1];
        }return n%2==0 ? (principal + secondary) : (principal + secondary - mat[n/2][n/2]);
    }
}

Share this

OAuth 2.0 and OpenID Connect

Mohammad Saddan Hussain — Mon, 28 Feb 2022 04:59:46 +0000

OAuth 2.0 and OpenID Connect

Hussain Code

·Feb 22, 2022·

11 min read

Subscribe to my newsletter and never missmy upcoming articles

What is OAuth 2.0 ?
Different identity use case
Delegated Authorization with OAuth 2.0
OAuth 2.0 Terminology
More OAuth 2.0 Terminology
More OAuth 2.0 Terminology
Why we have to get Authorization code and then exchange that for Access Token
Some key points regarding the Flow
Starting the flow
Calling Back / Redirect URI
Exchange code for Access Token
Authorization server returns an Access Token
Use the Access Token
Different types of OAuth 2.0 flows
Identity use cases (Earlier)
Problems with OAuth 2.0 for authentication
OAuth 2.0 and OpenID Connect
What OpenID Connect adds to OAuth 2.0
OpenID Connect authorization code flow
Starting the OpenID flow
Exchange code for access token and ID token
Authorization server returns access and ID tokens
Identity use cases (Today)
Which flow (grant type) should we use?
Example: web application with server backend
Example: native mobile app
Example: SPA with API backend
Example: SSO with 3rd-party services
Token validation
Keeping the user signed in

What is OAuth 2.0 ?

To understand OAuth, let us take this classic example of photo printing service you must have seen websites like this where you give them an image file and you pay them to ship printed photos to your home address. Imagine you're starting a new photo printing business that lets people upload photos to your website and they can order prints of these photos. you code your website and apply the people sign up everything is good but nobody keeps photos on their machines anymore they use the cloud and so you keep getting this feature request to provide users the ability to import their photos from
somewhere like Google Drive and then print it directly from there without the users having to download and upload again. Now what do you have to do to implement this import from Google Drive feature in your application. You need to connect to the users Google Drive account and access their files but how can your application do that. The users files on Google Drive need Google authentication how can you write code for your website that can authenticate with Google on behalf of your users well.
You can ask the user for their Google ID and password you can say hey user do you want me to print your photos on Google. Google doesn't give me access, so here's my screen where you enter your Google ID and password you just give them to me I will log into your Google account and access your photos and print them.
It'll work in theory but do you think users will give you their Google ID and password. no they probably won't because they don't trust you what they want to give you is access to just certain photos. They don't want to give you access to their whole Google Drive and email and everything else.
Now you can say to your user I promise to access just your files that you mentioned and I promise to throw out the password after I'm done I'm totally not saving that but there's no guarantee that this service is gonna do that. So now we can say Google Drive has a share feature you can ask the user
to share the files out and then give the link to them in your service but there are problems here what if the users don't want to share files out to anyone also what if it's a different scenario where sharing isn't an option. For example - Think of the scenario where your service wants to access the list of your users friends to send invites to the application there's no way you can ask the user to share their address book such a feature just doesn't exist. So how do you have a third party service authorize with the Google address book service as your user without the user providing their credentials. This is where OAuth comes in to solve this problem of services trying to access each other on behalf of the user.There was the standard created called OAuth. There was a version 1.0 of the standard but the current
version is the most widely used this is OAuth 2.0.

Different identity use case

Simple Login -> Forms and Cookies
Single Sign On across site -> SAML
Mobile App Login -> Authorization code through PKCE
Delegated Authorization -> OAuth

We will focus on Delegated authorization as it will cover the whole OAuth perspectives.

Delegated Authorization with OAuth 2.0

We will start with user like you and me who wants to login in to some website called yelp.com

So you have trust on google and you have a little trust on yelp.com and you want this site to just access my contacts but you don't want to give them enough access to let them delete your contacts.

When user will click on this connect with Google link, user would go to the OAuth flow. It's basically the set of steps that ultimately results in the application being able to access that information or having the authorization to access that information.

This diagram illustrate at high level how this flow works.

So, if the user clicks on this link user will be redirected to google domain accounts.google.com then user will enter the email and password.
Now it's little safe as we are sharing the email and password with google.com an not yelp.com

Assuming you logged in successfully, there you get a prompts that says this application yelp is trying to access your list of things. are you sure you want to allow this? Yes or NoSo users explicitly have to give their consent to whatever they are granting access.

Assuming user click Yes then browser will be redirected back to yelp.com. The application called a callback or redirect URI. That application is the allowed to go an talk to some other APIs like google contacts API.

OAuth 2.0 Terminology

Resource Owner
Client
Authorization Server
Resource Server
Authorization Grant
Redirect URI
Access Token

Resource Owner :-

You, me and number of users who owns the data would give the permission to other application to access their data from google.

Client :-

We are using yelp.com here as an example. so Yelp.com would be a client.

Authorization Server :-

It is a system that you can use to say "Yes I authorize this permission"

Resource Server :-

It is the API or the system that actually holds the data that clients wants to get.

Sometimes the Authorization server and the Resource server are same thing.

Authorization Grant :-

It is a thing that basically proves that user has clicked yes when asked for permission or allow you to have this permission.

Redirect URI :-

The url that we give when user get the permission from the Resource server using the Authorization grant and get back to the site where we have started like yelp.com

Access Token :-

An access token is an object encapsulating the security identity of a process or thread. A token is used to make security decisions and to store tamper-proof information about some system entity. While a token is generally used to represent only security information, it is capable of holding additional free-form data that can be attached while the token is being created.

At higher level client needs something called Access Token.

Because of this access token, client can have the access to the contacts but instead of getting the contacts if they try to delete your contacts they couldn't delete your contacts because you have given the permission to just access the contacts and access token generated according to your permission. so using that access token user can just access your contacts.

Now we want some way of being very granular, have specific permission that we can turn on or off.

More OAuth 2.0 Terminology

Scope
Consent

Scope is a specific permission you want to give to the users. for example it can be read contacts, write contacts.
when we define the scope user will be allowed to take the information.

List of permission that client is asking for is then used by authorization server to generate that consent screen that is presented to the users that says yelp.com is asking for the permission to do XYZ.
Users give an explicit ability to consent or not consent to that particular list of contacts.

For example, Facebook changed the authorization service recently to be really explicit about let you know weather or not an application that you are giving access is to allowed to post on your wall because earlier it was not clear after connecting will they just get your information or they are going to spam you facebook wall with each and every post. Now Facebook made it very granular.

More OAuth 2.0 Terminology

Front Channel (Less secure channel)
Back Channel (High secure channel)

Back Channel

If your server code is running on your server which only you have access to and you can make an API request or some other HTTP request from your server to another server like Google's API and that is going over HTTP, SSL encrypted, no one can intercept that communication. it's highly secure, that's what we call as a Back Channel.

Front Channel

Your Browser can be considered as a front channel, where your browser is secure but there might be loopholes or there is some place where stuff could leak from the browser.

Suppose you are building a web application and you want to store a secret password or any secret key in your web application. If you put it in HTML or JavaScript of your web application then anybody could just right click and view the source code and can see the secret key. That's why browser is considered as Front Channel and less secure.

Why we have to get Authorization code and then exchange that for Access Token

As you would go through this OAuth flow you will find out that the flow is designed including the reason why we have to get the authorization code and exchange that for access token is designed to take the advantages of best things about front channel and back channel to make it more secure.

Authorization code gets exchange with access token at authorization server so that no one could steal that access token and access our information in wrong way.

Some key points regarding the Flow

Access Token is very sensitive information.
Front channel is used to interact with the user.
The last step of the flow happened at back channel.

Starting the flow

client_id=abc123&amp;
redirect_uri=https://yelp.com/callback&amp;
scope=profile&amp;
response_type=code&amp;
state=foobar

Client Secret will be on authorization server

Calling Back / Redirect URI

https://yelp.com/callback?error=access_denied&amp;
error_description=The user did not consent.https://yelp.com/callback?code=oMsCeLvIaQm6bTrgtp7&amp;
state=foobar

Exchange code for Access Token

POST www.googleapis.com/oauth2/v4/token
Content-Type: application/x-www-form-urlencoded
code=oMsCeLvIaQm6bTrgtp7&amp;client_id=abc123&amp;client_secret=secret123&amp;grant_type=authorization_code

Authorization server returns an Access Token

{"access_token": "fFAGRNJru1FTz70BzhT3Zg","expires_in": 3920,"token_type": "Bearer",
}

Use the Access Token

GET api.google.com/some/endpointAuthorization: Bearer fFAGRNJru1FTz70BzhT3Zg

Different types of OAuth 2.0 flows

Authorization code (front channel + back channel)
Implicit (front channel only)
Resource owner password credentials (back channel only)
Client credentials (back channel only)

We use the Implicit flows when we have pure JavaScript or Angular web application which doesn't have any backend server.

Although it's less secure but anyway just make sure no body could steal your access token, try to hide it in front end only.

Identity use cases (Earlier)

• Simple login – OAuth 2.0 Authentication
• Single sign-on across sites – OAuth 2.0 Authentication
• Mobile app login – OAuth 2.0 Authentication
• Delegated authorization – OAuth 2.0 Authorization

OAuth 2.0 was originally invented for Authorization but later company like google, facebook and twitter started using in Authentication also by making some changes on the top of the OAuth 2.0.

Problems with OAuth 2.0 for authentication

• No standard way to get the user's information
• Every implementation is a little different
• No common set of scopes

The reason why we shouldn't use the OAuth 2.0 for Authentication because there is no standard of getting the user info in OAuth 2.0

OAuth 2.0 and OpenID Connect

To standardize the Authentication to get the user information on top of OAuth 2.0, OpenID Connect came in picture.

What OpenID Connect adds to OAuth 2.0

ID token
UserInfo endpoint for getting more user information
Standard set of scopes
Standardized implementation

OpenID Connect authorization code flow

Starting the OpenID flow

https://accounts.google.com/o/oauth2/v2/auth?client_id=abc123&amp;redirect_uri=https://yelp.com/callback&amp;scope=openid profile&amp;response_type=code&amp;state=foobar

Exchange code for access token and ID token

POST www.googleapis.com/oauth2/v4/token
Content-Type: application/x-www-form-urlencoded
code=oMsCeLvIaQm6bTrgtp7&amp;client_id=abc123&amp;client_secret=secret123&amp;grant_type=authorization_code

Authorization server returns access and ID tokens

{"access_token": "fFAGRNJru1FTz70BzhT3Zg","id_token": "eyJraB03ds3F...""expires_in": 3920,"token_type": "Bearer",
}

ID token is just a token encoding the bunch of information. it's also called as JWT.

it looks something like gibberish words but underneath it contains all the information of the users.

Example of ID Token or JWT

eyJhbGciOiJSUzI1NiIsImtpZCI6IkRNa3Itd0JqRU1EYnhOY25xaVJISVhu
YUxubWI3UUpfWF9rWmJyaEtBMGMifQ
.
eyJzdWIiOiIwMHU5bzFuaWtqdk9CZzVabzBoNyIsInZlciI6MSwiaXNzIjoi
aHR0cHM6Ly9kZXYtMzQxNjA3Lm9rdGFwcmV2aWV3LmNvbS9vYXV0aDIvYXVz
OW84d3ZraG9ja3c5VEwwaDciLCJhdWQiOiJsWFNlbkx4eFBpOGtRVmpKRTVz
NCIsImlhdCI6MTUwOTA0OTg5OCwiZXhwIjoxNTA5MDUzNDk4LCJqdGkiOiJJ
RC5oa2RXSXNBSXZTbnBGYVFHTVRYUGNVSmhhMkgwS2c5Ykl3ZEVvVm1ZZHN3
IiwiYW1yIjpbImtiYSIsIm1mYSIsInB3ZCJdLCJpZHAiOiIwMG85bzFuaWpr
aWpLeGNpbjBoNyIsIm5vbmNlIjoidWpwMmFzeHlqN2UiLCJhdXRoX3RpbWUi
OjE1MDkwNDk3MTl9
.
dv4Ek8B4BDee1PcQT_4zm7kxDEY1sRIGbLoNtlodZcSzHzXU5GkKyl6sAVmdXOIPUlAIrJAhNfQWQ-
_XZLBVPjETiZE8CgNg5uqNmeXMUnYnQmvN5oWlXUZ8Gcub-GAbJ8-NQuyBmyec1j3gmGzX3wemke8NkuI6SX2L4Wj1PyvkknBtbjfiF9ud1-ERKbobaFbnjDFOFTzvL6g34SpMmZWy6uc_Hs--n4IC-ex-_Ps3FcMwRggCW_-7o2FpH6rJTOGPZYrOx44n3ZwAu2dGm6axtPIsqU8b6sw7DaHpogD_hxsXgMIOzOBMbYsQEiczoGn71ZFz_1O7FiW4dH6g

If you paste this value in jwt.io , you will get a lot of information contained by this jwt.

There is different segment of this id token like header portion, signature portion and payload portion.

Header

{"alg": "RS256","kid": "DMkr-wBjEMDbxNcnqiRHIXnaLnmb7QJ_X_kZbrhKA0c"}

Payload

{"iss": "https://accounts.google.com","sub": "you@gmail.com","name": "Nate Barbettini""aud": "s6BhdRkqt3","exp": 1311281970,"iat": 1311280970,"auth_time": 1311280969,
}

Signature can be used to verify the ID Token has not been modified or compromised or rather changed in any way.

Identity use cases (Today)

• Simple login – OpenID Connect Authentication

• Single sign-on across sites – OpenID Connect Authentication

• Mobile app login – OpenID Connect Authentication

• Delegated authorization – OAuth 2.0 Authorization

OAuth OpenID Connect

Which flow (grant type) should we use?

Web application w/ server backend: authorization code flow
Native mobile app: authorization code flow with PKCE
JavaScript app (SPA) w/ API backend: implicit flow
Microservices and APIs: client credentials flow

Example: web application with server backend

Example: native mobile app

Example: SPA with API backend

Example: SSO with 3rd-party services

Token validation

The fast way: local validation
Check expiration timestamp
Validate cryptographic signature
The strong way: introspection

Keeping the user signed in

For both local validation and introspection, the token is invalid once it
expires, so:

If there's a user at the keyboard, just redirect through the
authorization server again.
If there's no user (automated tasks), request a refresh token (offline scope).

Thank you for reading out this blog! I hope now you have very good understanding of OAuth 2.0 and OpenID Connect.

Share this

Registration/Login System using Spring Boot and Spring Security

Mohammad Saddan Hussain — Mon, 28 Feb 2022 04:50:47 +0000

Registration/Login System using Spring Boot and Spring Security

Hussain Code

·Feb 20, 2022·

7 min read

Subscribe to my newsletter and never missmy upcoming articles

In this article we are going to build complete Registration/Login System using Spring Boot and Spring Security.

Technology used :-

 =&gt; Spring Boot

   =&gt; Spring Security

   =&gt; Java Mail

   =&gt; Email verification with expiry

1. Create Project using Spring Initializer

Follow this link and you will be redirected to the spring initializer with all the dependencies requires for this project.

Download this project and you will get the zip file. unzip it and open with intelliJ Idea.

2. Create appuser package

Inside this package we will configure all the user details in different classes and Interfaces.

Create a AppUser class and define all the properties of the user like firstName, lastName, email, password, etc.
Create a AppUserRepository interface and an inherit the JpaRepository class to do all the database operations on the users.

@Transactional(readOnly = true)
public interface AppUserRepository extends JpaRepository&lt;AppUser, Long&gt; {
    Optional&lt;AppUser&gt; findByEmail(String email);

    @Transactional
    @Modifying
    @Query("UPDATE AppUser a " +
            "SET a.enabled = TRUE WHERE a.email = ?1")
    int enableAppUser(String email);
}

Create a AppUserRole enum to define the role of the user.

public enum AppUserRole { USER, ADMIN }

Create a AppUserService class to define the service in terms of how user will register and share the data to login.

@Service
@AllArgsConstructorpublic class AppUserService implements UserDetailsService {private static final String USER_NOT_FOUND ="user with email %s not found!";private final AppUserRepository appUserRepository;private final BCryptPasswordEncoder bCryptPasswordEncoder;private final ConfirmationTokenService confirmationTokenService;

    @Overridepublic UserDetails loadUserByUsername(String email) throws UsernameNotFoundException {return appUserRepository.findByEmail(email)
                .orElseThrow(() -&gt;new UsernameNotFoundException(String.format(USER_NOT_FOUND,email)));
    }public String signUpUser(AppUser appUser){
       boolean userExists = appUserRepository
                .findByEmail(appUser.getEmail())
                .isPresent();if (userExists){// TODO: CHECK OF ATTRIBUTES ARE THE SAME AND//TODO: IF EMAIL NOT CONFIRMED SENDD CONFIRMATION MAILthrownew IllegalStateException("email already taken!");
       }
       String encodedPassword = bCryptPasswordEncoder.encode(appUser.getPassword());
       appUser.setPassword(encodedPassword);

       appUserRepository.save(appUser);

        String token = UUID.randomUUID().toString();//TODO: Send confirmation token ConfirmationToken confirmationToken =new ConfirmationToken(
                token,
                LocalDateTime.now(),
                LocalDateTime.now().plusMinutes(15),
                appUser
        );
        confirmationTokenService.saveConfirmationToken(confirmationToken);//TODO Send Emailreturn token;
    }publicint enableAppUser(String email) {return appUserRepository.enableAppUser(email);
    }
}

3. Create registration package

Inside this package we will configure all the registration details in different classes and Interfaces that will register a user we have in appuser package.

Create a UserRegistration Class to map a registration endpoint

@RequestMapping(path = "api/v1/registration")
@AllArgsConstructor
public class UserRegistration {

    private final RegistrationService registrationService;

    @PostMapping
    public String register(@RequestBody RegistrationRequest request){

        return registrationService.register(request);
    }

    @GetMapping(path = "confirm")
    public String confirm(@RequestParam("token") String token) {
        return registrationService.confirmToken(token);
    }

}

Create a RegistrationRequest class to request all the data from the user.

@AllArgsConstructor
@EqualsAndHashCode
@ToString
public class RegistrationRequest {
    private final String firstName;
    private final String lastName;
    private final String email;
    private final String password;
}

Create a EmailValidator class that will validate the user's email

@Service@AllArgsConstructorpublicclassEmailValidatorimplementsPredicate&lt;String&gt; {@Overridepublicbooleantest(String s){returnfalse;
    }
}

Create a RegistrationService class to map the relation between the user and registration endpoint.

@AllArgsConstructor
public class RegistrationService {
    private final AppUserService appUserService;
    private final EmailValidator emailValidator;
    private final EmailSender emailSender;
    private final ConfirmationTokenService confirmationTokenService;

    public String register(RegistrationRequest request) {

        boolean isValidEmail = emailValidator.test(request.getEmail());

        if(isValidEmail){
            throw new IllegalStateException("Email is not valid!");
        }
            String token = appUserService.signUpUser(
                    new AppUser(
                            request.getFirstName(),
                            request.getLastName(),
                            request.getEmail(),
                            request.getPassword(),
                            AppUserRole.USER
                    )
            );
        String link = "http://localhost:8080/api/v1/registration/confirm/?token=" + token;
        emailSender.send(
                request.getEmail(),
                buildEmail(request.getFirstName(), link) );

        return  token;
    }
    @Transactional
    public String confirmToken(String token) {
        ConfirmationToken confirmationToken = confirmationTokenService
                .getToken(token)
                .orElseThrow(() -&gt;
                        new IllegalStateException("token not found"));

        if (confirmationToken.getConfirmedAt() != null) {
            throw new IllegalStateException("email already confirmed");
        }

        LocalDateTime expiredAt = confirmationToken.getExpiredAt();

        if (expiredAt.isBefore(LocalDateTime.now())) {
            throw new IllegalStateException("token expired");
        }

        confirmationTokenService.setConfirmedAt(token);
        appUserService.enableAppUser(
                confirmationToken.getAppUser().getEmail());
        return "confirmed";
    }

    private String buildEmail(String name, String link) {
        return "&lt;div style=\"font-family:Helvetica,Arial,sans-serif;font-size:16px;margin:0;color:#0b0c0c\"&gt;\n" +
                "\n" +
                "&lt;span style=\"display:none;font-size:1px;color:#fff;max-height:0\"&gt;&lt;/span&gt;\n" +
                "\n" +
                "  &lt;table role=\"presentation\" width=\"100%\" style=\"border-collapse:collapse;min-width:100%;width:100%!important\" cellpadding=\"0\" cellspacing=\"0\" border=\"0\"&gt;\n" +
                "    &lt;tbody&gt;&lt;tr&gt;\n" +
                "      &lt;td width=\"100%\" height=\"53\" bgcolor=\"#0b0c0c\"&gt;\n" +
                "        \n" +
                "        &lt;table role=\"presentation\" width=\"100%\" style=\"border-collapse:collapse;max-width:580px\" cellpadding=\"0\" cellspacing=\"0\" border=\"0\" align=\"center\"&gt;\n" +
                "          &lt;tbody&gt;&lt;tr&gt;\n" +
                "            &lt;td width=\"70\" bgcolor=\"#0b0c0c\" valign=\"middle\"&gt;\n" +
                "                &lt;table role=\"presentation\" cellpadding=\"0\" cellspacing=\"0\" border=\"0\" style=\"border-collapse:collapse\"&gt;\n" +
                "                  &lt;tbody&gt;&lt;tr&gt;\n" +
                "                    &lt;td style=\"padding-left:10px\"&gt;\n" +
                "                  \n" +
                "                    &lt;/td&gt;\n" +
                "                    &lt;td style=\"font-size:28px;line-height:1.315789474;Margin-top:4px;padding-left:10px\"&gt;\n" +
                "                      &lt;span style=\"font-family:Helvetica,Arial,sans-serif;font-weight:700;color:#ffffff;text-decoration:none;vertical-align:top;display:inline-block\"&gt;Confirm your email&lt;/span&gt;\n" +
                "                    &lt;/td&gt;\n" +
                "                  &lt;/tr&gt;\n" +
                "                &lt;/tbody&gt;&lt;/table&gt;\n" +
                "              &lt;/a&gt;\n" +
                "            &lt;/td&gt;\n" +
                "          &lt;/tr&gt;\n" +
                "        &lt;/tbody&gt;&lt;/table&gt;\n" +
                "        \n" +
                "      &lt;/td&gt;\n" +
                "    &lt;/tr&gt;\n" +
                "  &lt;/tbody&gt;&lt;/table&gt;\n" +
                "  &lt;table role=\"presentation\" class=\"m_-6186904992287805515content\" align=\"center\" cellpadding=\"0\" cellspacing=\"0\" border=\"0\" style=\"border-collapse:collapse;max-width:580px;width:100%!important\" width=\"100%\"&gt;\n" +
                "    &lt;tbody&gt;&lt;tr&gt;\n" +
                "      &lt;td width=\"10\" height=\"10\" valign=\"middle\"&gt;&lt;/td&gt;\n" +
                "      &lt;td&gt;\n" +
                "        \n" +
                "                &lt;table role=\"presentation\" width=\"100%\" cellpadding=\"0\" cellspacing=\"0\" border=\"0\" style=\"border-collapse:collapse\"&gt;\n" +
                "                  &lt;tbody&gt;&lt;tr&gt;\n" +
                "                    &lt;td bgcolor=\"#1D70B8\" width=\"100%\" height=\"10\"&gt;&lt;/td&gt;\n" +
                "                  &lt;/tr&gt;\n" +
                "                &lt;/tbody&gt;&lt;/table&gt;\n" +
                "        \n" +
                "      &lt;/td&gt;\n" +
                "      &lt;td width=\"10\" valign=\"middle\" height=\"10\"&gt;&lt;/td&gt;\n" +
                "    &lt;/tr&gt;\n" +
                "  &lt;/tbody&gt;&lt;/table&gt;\n" +
                "\n" +
                "\n" +
                "\n" +
                "  &lt;table role=\"presentation\" class=\"m_-6186904992287805515content\" align=\"center\" cellpadding=\"0\" cellspacing=\"0\" border=\"0\" style=\"border-collapse:collapse;max-width:580px;width:100%!important\" width=\"100%\"&gt;\n" +
                "    &lt;tbody&gt;&lt;tr&gt;\n" +
                "      &lt;td height=\"30\"&gt;&lt;br&gt;&lt;/td&gt;\n" +
                "    &lt;/tr&gt;\n" +
                "    &lt;tr&gt;\n" +
                "      &lt;td width=\"10\" valign=\"middle\"&gt;&lt;br&gt;&lt;/td&gt;\n" +
                "      &lt;td style=\"font-family:Helvetica,Arial,sans-serif;font-size:19px;line-height:1.315789474;max-width:560px\"&gt;\n" +
                "        \n" +
                "            &lt;p style=\"Margin:0 0 20px 0;font-size:19px;line-height:25px;color:#0b0c0c\"&gt;Hi " + name + ",&lt;/p&gt;&lt;p style=\"Margin:0 0 20px 0;font-size:19px;line-height:25px;color:#0b0c0c\"&gt; Thank you for registering. Please click on the below link to activate your account: &lt;/p&gt;&lt;blockquote style=\"Margin:0 0 20px 0;border-left:10px solid #b1b4b6;padding:15px 0 0.1px 15px;font-size:19px;line-height:25px\"&gt;&lt;p style=\"Margin:0 0 20px 0;font-size:19px;line-height:25px;color:#0b0c0c\"&gt; &lt;a href=\"" + link + "\"&gt;Activate Now&lt;/a&gt; &lt;/p&gt;&lt;/blockquote&gt;\n Link will expire in 15 minutes. &lt;p&gt;See you soon&lt;/p&gt;" +
                "        \n" +
                "      &lt;/td&gt;\n" +
                "      &lt;td width=\"10\" valign=\"middle\"&gt;&lt;br&gt;&lt;/td&gt;\n" +
                "    &lt;/tr&gt;\n" +
                "    &lt;tr&gt;\n" +
                "      &lt;td height=\"30\"&gt;&lt;br&gt;&lt;/td&gt;\n" +
                "    &lt;/tr&gt;\n" +
                "  &lt;/tbody&gt;&lt;/table&gt;&lt;div class=\"yj6qo\"&gt;&lt;/div&gt;&lt;div class=\"adL\"&gt;\n" +
                "\n" +
                "&lt;/div&gt;&lt;/div&gt;";
    }
}

Now create one more package inside the registration package in which we will configure the token from the user for the successful registration.
And then inside this token package, we will create a ConfirmationToken class to create the token for the user.

@Setter
@NoArgsConstructor
@Entity
public class ConfirmationToken {
    @SequenceGenerator(
            name = "confirmation_token_sequence",
            sequenceName = "confirmation_token_sequence",
            allocationSize = 1
    )
    @Id
    @GeneratedValue(
            strategy = GenerationType.SEQUENCE,
            generator = "confirmation_token_sequence"
    )
    private Long id;
    @Column(nullable = false)
    private  String token;
    @Column(nullable = false)
    private LocalDateTime createdAt;
    @Column(nullable = false)
    private LocalDateTime expiredAt;
    private LocalDateTime confirmedAt;

    @ManyToOne
    @JoinColumn(
            nullable = false,
            name= "app_user_id"
    )
    private AppUser appUser;

    public ConfirmationToken(String token,
                             LocalDateTime createdAt,
                             LocalDateTime expiredAt,
                             AppUser appUser) {
        this.token = token;
        this.createdAt = createdAt;
        this.expiredAt = expiredAt;
        this.appUser =appUser;
    }
   }

Run the project and then you can go to postman and hit this url - localhost:8080/api/v1/registration, you will get the access token

Create an interface ConfirmationTokenRepository and extends the JpaRepository to do all the database operation like to save the token to specific user in databse.

interface ConfirmationTokenRepository extends
        JpaRepository&lt;ConfirmationToken,Long&gt; {

    Optional&lt;ConfirmationToken&gt; findByToken(String token);

    @Transactional
    @Modifying
    @Query("UPDATE ConfirmationToken c " +
            "SET c.confirmedAt = ?2 " +
            "WHERE c.token = ?1")
    int updateConfirmedAt(String token,
                          LocalDateTime confirmedAt);


}

Create a ConfirmationTokenService class to save this token to the specific users for 15 mins so that he can activate their account within 15 min and will be able to login.
we have set the token expiry time to 15 mins for the security purpose, we can increase or decrease the expiration time of token according to our purpose.

@AllArgsConstructor
public class ConfirmationTokenService {

    private final ConfirmationTokenRepository confirmationTokenRepository;

    public void saveConfirmationToken(ConfirmationToken token){
        confirmationTokenRepository.save(token);
    }

    public Optional&lt;ConfirmationToken&gt; getToken(String token) {
        return confirmationTokenRepository.findByToken(token);
    }

    public int setConfirmedAt(String token) {
        return confirmationTokenRepository.updateConfirmedAt(
                token, LocalDateTime.now());
    }
}

Now you can hit the access token url localhost:8080/api/v1/registration/confirm/?token=17de5cc5-2f43-48e3-acd2-c47f26bba311
And access token would be the same which we have created while hitting the registration url

4. Create an email package in which we will configure the property of email sending.

Create an interface EmailSender, where we will define the send method that will take t2 String parameters "to" and "email"

\`public interface EmailSender {
void send(String to, String email);
}

Create a classEmailServicewherewewillimplementthissendmethodandthepropertytosendanemailtoaparticularuser'semailwhowilltrytoregister.

`@Service@AllArgsConstructorpublicclassEmailServiceimplementsEmailSender{privatefinalstatic Logger LOGGER = LoggerFactory.getLogger(EmailService.class);privatefinal JavaMailSender javaMailSender;

@Override
@Asyncpublicvoid send(String to, String email) {try {
        MimeMessage mimeMessage = javaMailSender.createMimeMessage();
        MimeMessageHelper mimeMessageHelper = new MimeMessageHelper(mimeMessage,"utf-8");
        mimeMessageHelper.setText(email,true);
        mimeMessageHelper.setTo(to);
        mimeMessageHelper.setSubject("Confirm your email");
        mimeMessageHelper.setFrom("info@hussaincode.in");
        javaMailSender.send(mimeMessage);
    }catch (MessagingException e){
        LOGGER.error("failed to send email",e);thrownew IllegalStateException("failed to send email");

    }
}

}
`

5. For sending a mail we have used the MailDev Service.

MailDev is a free service which we can use to send an email to user for the confirmation of registration.

You can install the MailDev using below commands.

To install MailDev - $ npm install -g maildev
To run MailDev - $ maildev
Once you have installed it you will get a url like to access the email service.

MailDev webapp running at http://0.0.0.0:1080

MailDev SMTP Server running at 0.0.0.0:1025

Once you get this then go to localhost/1080 to access the MailDev.

This is complete Registration/Login Project steps and code. If you have any doubt leave a comment and i will reply.

Get the complete code base of this project on my GitHub

Share this

DEV Community: Mohammad Saddan Hussain

How to host a website on GitHub with custom domain

Most Commonly Asked DSA Question in Interview - 2022

Most Commonly Asked DSA Question in Interview - 2022

Table of contents

1) What is Data Structure?

2) What are the applications of Data Structure?

3) Tell us about linked list.

4) Give us one advantage of linked list?

5) What is the difference between PUSH and POP?

6) Where is data structure majorly used?

7) Are linked lists considered linear or non-linear data structures?

8) What do you mean by LIFO?

9) What are the various operations that can be performed on different Data Structures?

10) Which Data Structure Should be used for implementing LRU cache?

11) What are the advantages of Linked List over an array?

12) Tell us something about binary trees.

15) What exactly do you mean by merge sort?

16) What is the least number of nodes that a binary tree can have?

17) What are the scenarios in which an element can be inserted into the circular queue?

18) What do you know about stack?

19) What is a dequeue?

20) Define the graph data structure?

21) Which data structures are used in BFS and DFS algorithm?

22) What are the applications of Graph data structure?

Java Solution to leetcode problem 1572. Matrix Diagonal Sum

Java Solution to leetcode problem 1572. Matrix Diagonal Sum

OAuth 2.0 and OpenID Connect

OAuth 2.0 and OpenID Connect

Table of contents

What is OAuth 2.0 ?

Different identity use case

Delegated Authorization with OAuth 2.0

OAuth 2.0 Terminology

More OAuth 2.0 Terminology

More OAuth 2.0 Terminology

Why we have to get Authorization code and then exchange that for Access Token

Some key points regarding the Flow

Starting the flow

Calling Back / Redirect URI

Exchange code for Access Token

Authorization server returns an Access Token

Use the Access Token

Different types of OAuth 2.0 flows

Identity use cases (Earlier)

Problems with OAuth 2.0 for authentication

OAuth 2.0 and OpenID Connect

What OpenID Connect adds to OAuth 2.0

OpenID Connect authorization code flow

Starting the OpenID flow

Exchange code for access token and ID token

Authorization server returns access and ID tokens

Identity use cases (Today)

Which flow (grant type) should we use?

Example: web application with server backend

Example: native mobile app

Example: SPA with API backend

Example: SSO with 3rd-party services

Token validation

Keeping the user signed in

Registration/Login System using Spring Boot and Spring Security

Registration/Login System using Spring Boot and Spring Security

Technology used :-

1. Create Project using Spring Initializer

2. Create appuser package

3. Create registration package

4. Create an email package in which we will configure the property of email sending.

5. For sending a mail we have used the MailDev Service.